package com.springcloud.ssoserverdemo.config

import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.security.authentication.AuthenticationManager
import org.springframework.security.crypto.password.PasswordEncoder
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore

@Configuration
@EnableAuthorizationServer  //开启认证服务
class OauthConfig extends AuthorizationServerConfigurerAdapter{

    @Autowired
    AuthenticationManager manager

    @Autowired
    PasswordEncoder encoder

    @Override
    void configure(ClientDetailsServiceConfigurer clients) throws Exception {

        clients.inMemory()
                .withClient('client')
                .secret(encoder.encode('secret'))
                .authorizedGrantTypes('authorization_code')
                .autoApprove(false)
                .resourceIds('http://localhost/login')
                .accessTokenValiditySeconds(3600)
                .scopes('app')
    }


    //__________采用jwt作为令牌___________

    @Override
    void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints
                .tokenStore(tokenStore())
                .tokenEnhancer(jwtAccessTokenConverter())
    }

    @Bean
    def tokenStore()
    {
        new JwtTokenStore(jwtAccessTokenConverter())
    }

    @Bean
    def jwtAccessTokenConverter()
    {
        def c=new JwtAccessTokenConverter()
            c.setSigningKey('signing')  //签名密匙
        c
    }

}
